There are mobile communication devices known which contain memory devices having unique memory device identifications, e.g. the MIFARE® classic family, developed by NXP Semiconductors, a contactless smart card IC operating in the 13.56 MHz frequency range with read/write capability. Recently, secure memory elements have been developed which are memory devices providing enhanced security features, particularly for the use in mobile phones and other mobile communication devices with Near Field Communication (NFC) capabilities. Said secure memory elements are also known as “Smart Cards”. One of the leading representatives of these secure memory elements is the SmartMX (Memory eXtension) smart card family that has been designed by NXP Semiconductors for high-security smart card applications requiring highly reliable solutions, with or without multiple interface options. Key applications are e-government, banking/finance, mobile communications and advanced public transportation. SmartMX architecture combines coprocessors for RSA, ECC, DES and AES and enables implementation of operating systems including Java Open Platform and MULTOS. The ability of SmartMX cards to run the MIFARE protocol concurrently with other contactless transmission protocols implemented by the User Operating System enables the combination of new services and existing applications based on MIFARE (e.g. ticketing) on a single Dual Interface controller based smart card. SmartMX cards are able to emulate MIFARE Classic devices and thereby makes this interface compatible with any installed MIFARE Classic infrastructure. The contactless interface can be used to communicate via any protocol, particularly the MIFARE protocol and self defined contactless transmission protocols. SmartMX enables the easy implementation of state-of-the-art operating systems and open platform solutions including JCOP (the Java Card Operating System) and offers an optimized feature set together with the highest levels of security.
Service Providers like banks, public transport companies, loyalty programs owners etc. provide contactless services to customers who are defined as persons using the mobile communication devices, e.g. NFC mobile phones, for mobile communications and contactless services. These contactless services comprise the provision of transport passes, cinema tickets, coupons, etc. which can be subsumed by the generic terms “applications” and “services”. In the following description the term “application” will be used which has to be understood in a broad sense.
A customer buys applications for instance by ordering them from the website of a Service Provider. In the course of the purchasing procedure the customer inputs a unique identification number of his/her communication device, e.g. the telephone number of a NFC mobile phone, so that the Service Provider knows unambiguously where to send the application.
Then the Service Provider transmits the application to the customer's mobile communication device via any communication channel, e.g. the Over The Air (OTA) transport services of a Mobile Network Operator to which the customer is subscribed. Alternatively, the Service Provider communicates indirectly with the mobile communication device via a Trusted Service Manager which securely distributes and manages the Service Provider's applications and transmits them to the mobile communication device. The Trusted Service Manager does not participate in the transaction stage of the applications, thus ensuring that the Service Provider's business models are not disrupted. Trusted Service Managers can be managed by one or a plurality of Mobile Network Operators, or by independent Trusted Third Parties.
When the applications are received by the mobile communication device they are stored in a secure memory element of the mobile communication device and can be consumed by the customer by positioning the mobile communication device within the range of transmission of a reading device which reads and processes the application in an appropriate manner, e.g. by giving the user access to an entrance of a concert hall. After the applications have been consumed or expired they have to be deleted from the memory element in order to free memory space for future applications.
However, deleting the expired applications from the memory element is problematic if the customer wants to keep a trace (could be a receipt) of the applications that he/she has consumed. The same problem arises if the customer wants to acquire a collector object from the applications consumed (for instance if the applications corresponds to a concert ticket).